Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0783

4 documents4 sources

Severity

7.5HIGH

EPSS

11.5%

top 6.37%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Opera Software Opera WEB Browser

Timeline

PublishedAug 12

Latest updateApr 30

Description

Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDopera_software/opera_web_browser5.12, 6.0, 6.0.1+2

Patches

Patch: www.iss.net ↗Patch: www.securityfocus.com ↗Patch: www.iss.net ↗

🔴Vulnerability Details

GHSA

GHSA-rr52-8qxq-j6cc: Opera 6↗2022-04-30

▶

CVEList

CVE-2002-0783: Opera 6↗2002-07-26

▶

💥Exploits & PoCs

Exploit-DB

Opera 5.12/6.0 - Frame Location Same Origin Policy Circumvention↗2002-05-15

▶